Package: iptables
Version: 1.4.6-2
Severity: important

--- Please enter the report below this line. ---

I have a small home network consisting of my desktop that acts as a
gateway and another local computer.
Before I upgraded to 2.6.32 from 2.6.26 my local network worked fine.
My iptables rules worked without any problem.
After the upgrade the network on the local computer stopped working.

Assuming that this might have been some incompatibility, I've upgraded
several other packages (e.g., ipfilters, netbase, ...), but to no avail.

I can ping the local computer from my gateway and vice-versa.
And I can also ssh from the local computer to the gateway.

The routing tables are ok, resolv.conf is ok, ip forwarding is ok.
I get no error messages with dmesg when doing:
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE

By looking at the Debian Official Kernel Configuration files the
kernel linux-image-2.6.32-trunk-amd64 has options:
CONFIG_NF_NAT=m
CONFIG_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m

I have at least these modules loaded:
# lsmod | grep -i masquer ; lsmod | grep -i nat ; lsmod | grep -i track
ipt_MASQUERADE          1554  1
nf_nat                 13340  2 ipt_MASQUERADE,iptable_nat
nf_conntrack           46359  5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state
x_tables               12813  7
iptable_nat             4299  1
nf_nat                 13340  2 ipt_MASQUERADE,iptable_nat
nf_conntrack_ipv4       9817  7 iptable_nat,nf_nat
nf_conntrack           46359  5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state
ip_tables              13899  2 iptable_nat,iptable_filter
x_tables               12813  7 ipt_REJECT,ipt_MASQUERADE,iptable_nat,xt_limit,xt_tcpudp,xt_state,ip_tables
nf_conntrack_ipv4       9817  7 iptable_nat,nf_nat
nf_defrag_ipv4          1139  1 nf_conntrack_ipv4
nf_conntrack           46359  5 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state

I used tcpdump on the $LAN and $WAN NICs on the gateway while I tried
to ping google.com from the local computer. The packets reach the
gateway but then nothing happens. No reference of google.com with
tcpdump on the $WAN side.

I also tried having the rules:
iptables -F INPUT;iptables -F OUTPUT;iptables -F FORWARD
But nothing...

If you need a how-to to reproduce this bug, see section 5.2 of:
http://www.gentoo.org/doc/en/home-router-howto.xml#doc_chap5

Someone please fix this! Debian/GNU/Linux is giving me ulcers!
Thank you!




--- System information. ---
Architecture: amd64
Kernel:       Linux 2.6.32-trunk-amd64

Debian Release: lenny/sid
  990 testing         security.debian.org
  990 testing         ftp.debian.org
  990 testing         ftp.de.debian.org
  500 unstable        ftp.debian.org
  500 unstable        ftp.de.debian.org
  500 unstable        deb.opera.com
  500 stable          security.debian.org
  500 stable          deb.opera.com

--- Package information. ---
Depends      (Version) | Installed
======================-+-===========
libc6         (>= 2.7) | 2.10.2-2


Package's Recommends field is empty.

Package's Suggests field is empty.
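
The gateway checks listed in the report (IP forwarding, the MASQUERADE rule on eth2, the FORWARD chain), collected into one audit of an `iptables-save` dump. This is an added example, not part of the original report; the function name `nat_gateway_audit` and the sample ruleset are constructed for illustration and do not represent the reporter's actual ruleset.

```shell
# Added example: audit an iptables-save dump for what a MASQUERADE gateway needs.
# Usage: nat_gateway_audit RULESET_FILE WAN_IF IP_FORWARD_VALUE
nat_gateway_audit() {
    ruleset=$1 wan=$2 fwd=$3 problems=0
    # 1. The kernel must route between interfaces.
    [ "$fwd" = "1" ] || { echo "FAIL ip_forward=$fwd"; problems=$((problems + 1)); }
    # 2. nat/POSTROUTING needs a MASQUERADE rule bound to the WAN interface.
    if ! awk -v wan="$wan" '
            /^\*/ { table = $1 }
            table == "*nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ {
                for (i = 1; i < NF; i++) if ($i == "-o" && $(i+1) == wan) found = 1
            }
            END { exit !found }' "$ruleset"; then
        echo "FAIL no MASQUERADE rule on $wan"; problems=$((problems + 1))
    fi
    # 3. `iptables -F FORWARD` deletes rules but keeps the chain policy, so a
    #    non-ACCEPT policy with no ACCEPT rule still discards forwarded packets.
    policy=$(awk '/^\*/ { table = $1 }
                  table == "*filter" && /^:FORWARD / { print $2 }' "$ruleset")
    accepts=$(awk '/^\*/ { table = $1 }
                   table == "*filter" && /^-A FORWARD/ && /-j ACCEPT/ { n++ }
                   END { print n + 0 }' "$ruleset")
    if [ "$policy" != "ACCEPT" ] && [ "$accepts" -eq 0 ]; then
        echo "FAIL FORWARD policy $policy with no ACCEPT rules"
        problems=$((problems + 1))
    fi
    [ "$problems" -eq 0 ] && echo "OK"
    return "$problems"
}

# Constructed sample dump: FORWARD has been flushed, its policy is still DROP.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth2 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
nat_gateway_audit "$sample" eth2 1 || true
```

On a live gateway, pass it a file holding the output of `iptables-save` and the contents of `/proc/sys/net/ipv4/ip_forward`.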


